Self-verification using base64 encoded X509 cert
package no.posten.dpost.sosm;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.AccessController;
import java.security.CodeSigner;
import java.security.CodeSource;
import java.security.PrivilegedAction;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import org.bouncycastle.util.encoders.Base64;
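/**
 * Checks that the JAR this class was loaded from is signed by a pinned X.509 certificate.
 *
 * <p>The check runs inside the code it protects, so it only detects tampering by someone who
 * did not also modify or remove this class. Treat a {@code true} result as tamper evidence,
 * not as a trust decision made by an independent verifier.
 */
public class SelfVerify {
    /** Base64 text of the pinned signer certificate (a placeholder in this listing). */
    private static final String cert = "...base64 encoded cert...";

    /**
     * Locates the JAR that contains this class and verifies every entry against the pinned
     * certificate.
     *
     * @return {@code true} only if the code source is known and every non-signature entry of
     *         the JAR carries a valid signature whose certificate path contains the pinned
     *         certificate
     * @throws Exception if the certificate cannot be parsed or the JAR cannot be opened or read
     */
    public static boolean verify() throws Exception {
        URL providerURL = AccessController.doPrivileged(new PrivilegedAction<URL>() {
            public URL run() {
                CodeSource cs = SelfVerify.class.getProtectionDomain().getCodeSource();
                // A class without a code source has no JAR to check.
                return cs == null ? null : cs.getLocation();
            }
        });
        if (providerURL == null) {
            // Fail closed: nothing to verify means not verified.
            return false;
        }
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        X509Certificate pinned = (X509Certificate) certFactory.generateCertificate(
                new ByteArrayInputStream(Base64.decode(cert)));
        // NOTE(review): getPath() is not URL-decoded, so a location containing escaped
        // characters (for example %20) fails to open and surfaces as an exception.
        JarFile jar = new JarFile(providerURL.getPath());
        try {
            return verify(jar, pinned);
        } finally {
            jar.close();
        }
    }

    /**
     * Verifies every entry of {@code jar} instead of stopping at the first one.
     *
     * <p>Code signers are only available after an entry has been read to the end, so each
     * entry is drained before its signers are inspected.
     *
     * @param jar  the opened JAR; the caller closes it
     * @param cert the certificate that must appear in a signer's certificate path
     * @return {@code false} as soon as one entry fails digest verification, is unsigned, or is
     *         signed only by other certificates; {@code false} if no entry was checked at all
     * @throws IOException if an entry cannot be read
     */
    private static boolean verify(final JarFile jar, final X509Certificate cert) throws IOException {
        boolean sawSignedEntry = false;
        byte[] buffer = new byte[8192];
        Enumeration<JarEntry> entries = jar.entries();
        while (entries.hasMoreElements()) {
            JarEntry entry = entries.nextElement();
            if (entry.isDirectory() || isSignatureRelated(entry.getName())) {
                // Directories and the signature files themselves are never signed.
                continue;
            }
            try {
                InputStream is = jar.getInputStream(entry);
                try {
                    // Reading to EOF triggers the digest check and populates the signers.
                    while (is.read(buffer) != -1) {
                        // discard: only the verification side effect matters
                    }
                } finally {
                    is.close();
                }
            } catch (SecurityException se) {
                // Thrown when an entry's content does not match its signed digest.
                return false;
            }
            if (!isSignedBy(entry, cert)) {
                return false;
            }
            sawSignedEntry = true;
        }
        // An archive with nothing to check proves nothing, so it does not pass.
        return sawSignedEntry;
    }

    /**
     * Tells whether a fully read entry has a signer whose certificate path contains
     * {@code cert}. The match accepts the certificate at any position in the path, not only
     * as the end-entity certificate.
     */
    private static boolean isSignedBy(JarEntry entry, X509Certificate cert) {
        CodeSigner[] signers = entry.getCodeSigners();
        if (signers == null) {
            // Unsigned entry.
            return false;
        }
        for (CodeSigner signer : signers) {
            if (signer.getSignerCertPath().getCertificates().contains(cert)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether {@code name} is a signature-related file directly under META-INF
     * (the manifest, signature files, signature blocks, or SIG-* files). Everything else,
     * including META-INF/services/ and META-INF/versions/, must be signed.
     */
    private static boolean isSignatureRelated(String name) {
        String upper = name.toUpperCase(java.util.Locale.ROOT);
        if (!upper.startsWith("META-INF/")) {
            return false;
        }
        String leaf = upper.substring("META-INF/".length());
        if (leaf.indexOf('/') != -1) {
            return false;
        }
        return leaf.equals("MANIFEST.MF")
                || leaf.endsWith(".SF")
                || leaf.endsWith(".DSA")
                || leaf.endsWith(".RSA")
                || leaf.endsWith(".EC")
                || leaf.startsWith("SIG-");
    }
}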